<?php
include ("header.php");
if (isset ( $_SESSION ['username'] )) {
	
	$firstName = mysql_real_escape_string ( $_POST ["cFName"] );
	$lastName = mysql_real_escape_string ( $_POST ["cLName"] );
	$areaCode = mysql_real_escape_string ( $_POST ["areaCode"] );
	$prefix = mysql_real_escape_string ( $_POST ["pnum3"] );
	$lineNumber = mysql_real_escape_string ( $_POST ["pnum4"] );
	$streetAddress = mysql_real_escape_string ( $_POST ["streetAdd"] );
	$street2 = mysql_real_escape_string ( $_POST ["add2"] );
	$city = mysql_real_escape_string ( $_POST ["city"] );
	$state = mysql_real_escape_string ( $_POST ["state"] );
	$zip = mysql_real_escape_string ( $_POST ["zip"] );
	$email = mysql_real_escape_string ( $_POST ["email"] );
	$website = mysql_real_escape_string ( $_POST ["webSite"] );
	$additional = mysql_real_escape_string ( $_POST ["element_9"] );
	$userName = $_SESSION ['username'];
	
	$query = "SELECT `uid` FROM `users` WHERE `username` = '$userName'";
	$result = mysql_query ( $query, $connection );
	$row = mysql_fetch_array ( $result );
	
	$query = <<<END
UPDATE `organizations` 
	SET 
	`firstName`='$firstName',
	`lastName`='$lastName', 
	`areaCode`='$areaCode', 
	`prefix`='$prefix', 
	`lineNumber`='$lineNumber', 
	`streetAddress`='$streetAddress', 
	`streetAddress2`='$street2', 
	`city`='$city', 
	`state`='$state', 
	`zipCode`='$zip', 
	`email`='$email', 
	`websiteAddress`='$website', 
	`additionalInfo`='$additional' 
	WHERE `orgID`='$row[0]';
END;

	$result = mysql_query ( $query, $connection );
	if(!$result){
		$output = "<p align = center>Unable to update information at this time.</p>";
	}
	else {
		$output = "<p align = center>Update successful</p>";
	}

} else{
	$output = "<p align = center>You must be logged in to edit information.</p>";
}
echo $output;
	
	

include ("footer.php");
?>